Vulners
Lucene search
Loytec L-INX Automation Servers Information Disclosure / Cleartext Secrets
🗓️ 28 Nov 2023 00:00:00Reported by Chizuru ToyamaType 
packetstorm🔗 packetstormsecurity.com👁 378 Views
| Reporter | Title | Published | Views | Family All 38 |
|---|---|---|---|---|
 | Loytec LINX Automation Servers Information Disclosure / Cleartext Secrets Vulnerability | 28 Nov 202300:00 | – | zdt |
 | CVE-2023-46386 | 30 Nov 202323:15 | – | attackerkb |
| CVE-2023-46389 | 30 Nov 202323:15 | – | attackerkb |
| CVE-2023-46388 | 30 Nov 202323:15 | – | attackerkb |
| CVE-2023-46387 | 30 Nov 202323:15 | – | attackerkb |
 | CVE-2023-46386 | 17 Dec 202315:11 | – | circl |
| CVE-2023-46387 | 17 Dec 202315:11 | – | circl |
| CVE-2023-46388 | 17 Dec 202315:11 | – | circl |
| CVE-2023-46389 | 17 Dec 202315:11 | – | circl |
 | LOYTEC LINX-212 Security Vulnerability | 30 Nov 202300:00 | – | cnnvd |
10
`
[+] CVE : CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389
[+] Title : Multiple vulnerabilities in Loytec L-INX Automation Servers
[+] Vendor : LOYTEC electronics GmbH
[+] Affected Product(s) : LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4
[+] Affected Components : L-INX Automation Servers
[+] Discovery Date : 01-Sep-2021
[+] Publication date : 03-Nov-2023
[+] Discovered by : Chizuru Toyama of TXOne networks
[Vulnerability Description]
CVE-2023-46386 : Insecure Permissions
'registry.xml' file contains hard-coded clear text credentials for
smtp client account. If an attacker succeeds in getting registry.xml file,
the email account could be compromised. Password should be encrypted.
CVE-2023-46387 : Improper Access Control
'/var/lib/lgtw/dpal_config.zml' file is accessible via file download API.
'dpal_config.wbx' which is extracted from 'dpal_config.zml' includes
sensitive configuration information such as smtp client information.
Authentication is required to exploit this vulnerability.
http://<IP>:<port>/DT?filename=/var/lib/lgtw/dpal_config.zml
CVE-2023-46388 : Insecure Permissions
'dpal_config.wbx' file contains hard-coded clear text credentials for
smtp client account. If an attacker succeeds in getting dpal_config.zml file,
the email account could be compromised. Password should be encrypted.
CVE-2023-46389 : Improper Access Control
'/tmp/registry.xml' file is accessible via file download API.
'registry.xml' includes device configuration information which includes
sensitive information such as smtp client information. Authentication is
required to exploit this vulnerability.
http://<IP>:<port>/DT?filename=/tmp/registry.xml
[Timeline]
01-Sep-2021 : Vulnerabilities discovered
13-Oct-2021 : Trend Micro ZDI (Zero Day Initiative) reported to vendor (no response)
07-Oct-2022 : ICS CERT reported to vendor (no response)
03-Nov-2023 : Public Disclosure
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 Nov 2023 00:00Current
7.4High risk
Vulners AI Score7.4
EPSS0.00401